vibe-writer-pro
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches real-time research and trending data from established services such as GitHub, Twitter, Reddit, and Hacker News using CLI tools and automated browser sessions.
- [COMMAND_EXECUTION]: The skill utilizes shell commands to manage a local background HTTP server for infographic rendering and employs file-editing capabilities to maintain a persistent user preference log for its self-evolution feature.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted data from various external social media platforms and user-provided materials. Ingestion points include scraped web content; boundary markers and specific sanitization steps are not explicitly defined in the research workflow. The capability inventory includes file system write access and multi-platform content distribution.
Audit Metadata